Re: [w3c/payment-handler] "Middleman Id/Commission %/Payeeer" provision (#335)

@rsolomakhin 

> One reason to use Service Workers is for the CanMakePayment event.

Sorry, I can't see anything [here](https://www.w3.org/TR/payment-request/#canmakepayment-method) that would require a Service-Worker to implement. Can you please explain a little more?

@ianbjacobs I too would very much like to hear from others on this! You clearly have a better grasp of all the issues than I.

A couple of things to bear in mind though regarding the scope of this functionality: -

1) The disbursement is opaque to the User/Payer (as is the case everywhere today)
2) The disbursement infrastructure can not introduce an additional PCI DSS compliance burden.
3) The User's UA has no knowledge of destination accounts

Re: .2 I am hoping that an encrypted PMO ID of a payee can be stored in the PWA database without attracting more severe PCI DSS requirements?

Yes, there would be many additional 1:1 relationships between Payee/PMO but the friction would only be incurred at Merchant <=> PWA/Account registration time.

Sure we have lost the ease to chop and change PMO at will, but that's it. Right?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-handler/issues/335#issuecomment-473745630

Received on Monday, 18 March 2019 02:18:22 UTC